From owner-freebsd-isp  Sun Dec 16 15:59:41 2001
Delivered-To: freebsd-isp@freebsd.org
Received: from lemon.national.com.au (lemon.national.com.au [203.57.241.81])
	by hub.freebsd.org (Postfix) with ESMTP id E456C37B41A
	for <freebsd-isp@FreeBSD.ORG>; Sun, 16 Dec 2001 15:59:37 -0800 (PST)
Received: by lemon.national.com.au (Postfix, from userid 5)
	id 586399F821; Mon, 17 Dec 2001 10:59:31 +1100 (EST)
Received: from unknown(10.25.154.32) by lemon.national.com.au via csmap (V4.1)
	id srcAAAlNaisS; Mon, 17 Dec 01 10:59:30 +1100
Received: (from uucp@localhost)
	by peppermint.national.com.au (8.9.3+Sun/8.8.8) id KAA15191;
	Mon, 17 Dec 2001 10:59:23 +1100 (EST)
Received: from webjump.national.com.au(164.53.27.38)
 via SMTP by peppermint, id smtpdAAAQZaOQD; Mon Dec 17 10:59:23 2001
Received: (from nconedd@localhost)
	by webjump.national.com.au (8.10.2+Sun/8.10.2) id fBGNxQS22427;
	Mon, 17 Dec 2001 10:59:26 +1100 (EST)
Date: Mon, 17 Dec 2001 10:59:26 +1100
From: Enno Davids <nconedd@webjump.national.com.au>
To: Colin Campbell <sgcccdc@citec.qld.gov.au>
Cc: Jeff Lasman <jblists@nobaloney.net>, freebsd-isp@FreeBSD.ORG
Subject: Re: Using DNAT and DNS round-robin
Message-ID: <20011217105926.K16592@webjump.national.com.au>
References: <3C1D0EF1.783B48AD@nobaloney.net> <Pine.BSF.4.33.0112170945380.23989-100000@guru.citec.qld.gov.au>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.BSF.4.33.0112170945380.23989-100000@guru.citec.qld.gov.au>; from sgcccdc@citec.qld.gov.au on Mon, Dec 17, 2001 at 09:49:19AM +1000
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-isp.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-isp>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-isp>
X-Loop: FreeBSD.org

On Mon, Dec 17, 2001 at 09:49:19AM +1000, Colin Campbell wrote:
|On Sun, 16 Dec 2001, Jeff Lasman wrote:
|> Derrick John Klise wrote:
|>
|> > IIRC, something like:
|> >
|> >   monkey.example.net    IN A   192.168.0.1
|> >                         IN A   192.168.0.2
|> >                         IN A   192.168.0.3
|>
|> Thanks.  Finally found it on page 259 of DNS and Bind.
|>
|> > > Is there a way to handle high-availability strictly in DNS?
|> >
|
|There used to be (still is? - cou;dn't find it) a paper on the ISC web
|site (www.isc.org) exlpaining why using DNS for HA was pointless. If
|memory serves, the main reasons were
|
|- most browsers cache DNS lookups and so a system that goes down will
|  simply appear as unreachable to the browser.
|
|- most browsers ignore TTLs.

FWIW, squid (and possibly other proxies) when faced with a list of address
for a name will retry on the next address in the list when they get a hard
error on the one they're using. Its still not HA, but its better than you
thought.

The real answer is hardware load balancers like F5, Foundry or Rad.


Enno.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message